On Wednesday, February 18, 1998 1:18 PM, Rik Drummond
[SMTP:drummond(_at_)onramp(_dot_)net] wrote:
The EDIINT "Secure EDI over Internet WG" is testing our
recommendations
with 8 vendors. We are exchanging cert. in s/mime pkcs7 format. What
are
your recommendations in the use of pkcs12 format for cert. exchange?
For simply exchanging certificates, PKCS #12 is a big hammer.
Certs-only PKCS #7 messages are pretty easy to generate and parse,
though they don't offer any integrity or privacy services. I guess it
depends on the need: If you have a mechanism for chain validation on
the recipient side, and can qualify the a received certificate as
usable, then certs-only should work fine.
Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103 Fax +1 425 882 8060